
Crest Security Assurance Resume Profile


Summary of Qualifications

Frank is a seasoned information assurance (IA) and project management professional with 13 years of IT-related experience and close to 8 years of network/application security assessment, certification and accreditation (C&A), IT security policy design, IT security training, continuity of operations (COOP), IT risk management, and vulnerability mitigation experience. He brings management experience in IA budgeting, personnel development, and IT implementation planning. Frank's knowledge is the culmination of 11 years of both military and consulting experience ranging from the Department of Defense (DoD) (US Air Force, US Army, DISA, DLA, and DSS) to federal agencies (US Patent and Trademark Office (USPTO), Department of State (DoS), Federal Reserve, and the Department of Justice (DoJ)). Additionally, Frank holds a Master of Science degree in Information Technology and internationally recognized IT security certifications, including CISSP, GPEN, GCWN, and CEH. Frank holds a TS/SCI security clearance with a Counter-Intelligence Polygraph. He is fully familiar with Air Force Communication and Information Instructions (33-series) and AFSSIs; DoD instructions, directives, and manuals; National Institute of Standards and Technology (NIST) publications; security configuration guides (STIGs and CIS Benchmarks); DOJ regulations; and Office of Management and Budget (OMB) circulars, memorandums, and bulletins.

Professional Experience and Accomplishments

Crest Security Assurance

Confidential

  • Frank formed Crest Security Assurance in January 2009 to provide innovative Information Assurance, C&A support, and penetration testing services to both commercial businesses and federal government agencies.
  • Lead writer for the technical approach requirements of proposals.
  • Plays an instrumental role in capture management by building customer relationships and identifying potential opportunities.
  • Responds to RFI requirements to assist the government in shaping procurement strategies.

Crest Security Assurance

Confidential

  • As a lead member of the Security Assessment Team (SAT), Frank is tasked to lead vulnerability testing efforts on various technologies in both production and development, including:
      • Network devices (Cisco firewalls, switches, and routers)
      • Operating systems (Windows, Linux (RHEL and Ubuntu), and Solaris)
      • Applications (Oracle, SQL Server, and MySQL)
      • Web testing (IIS, ColdFusion, Apache, Tomcat, and JBoss)
      • VMware ESX/ESXi (vSphere, vCenter, and VMotion)
      • Cross Domain Solutions (OWL technologies with Solaris implementation, and custom solutions)
  • As determined by the system, Frank creates certification test plans based on established Security Requirements Traceability Matrix (SRTM) requirements that ensure a thorough test effort while covering all controls outlined by DOJ 2640.2E, DCID 6/3, and NIST 800-53.
  • In addition to manual testing, Frank utilizes various tools to determine the security posture of each system. The following is a list of some of the tools used (not a comprehensive list):
      • Nmap
      • Nessus 5.x
      • WebInspect
      • AppScan
      • Nipper
      • AppDetective
      • Kali Linux
      • Metasploit Framework
      • SolarWinds network testing tools
      • Netcat
      • Burp Suite
      • Sysinternals Suite
  • The SAT engages in various testing efforts ranging from Approval to Test (ATT) testing and Security Impact Assessments to certifications and POA&M validation testing. Each test requires a report detailing any significant findings, the ease of exploitation, and the significance to the network if exploited.
  • Frank is an integral part of the peer review process for all Certification Test Reports. This effort ensures that all write-ups are justified and meet FBI/DOJ/NIST criteria, while upholding security best practices.

Crest Security Assurance

Confidential

  • As a critical member of the Information Assurance team, Frank is charged with both Computer Network Defense (aka SOC) and C&A tasks.
  • He was charged with interviewing, observing, and testing system security control implementations utilizing various methodologies (e.g., DIACAP (8500.2), DCID 6/3, and JAFAN 6/3). He is responsible for creating and maintaining C&A documentation (SSP, DIACAP package, CONOPS, SSAAs, etc.).
  • Frank was part of SOC efforts as well: he installed and set up Sourcefire IDS equipment (a Defense Center and 4 sensors), utilizing NetOptics traffic taps for ingress. He tuned the devices to eliminate false positives. Frank works with the systems and networking teams to gain a better understanding of normal network operations in order to filter out common network traffic and see the actual events.
  • Frank was part of the effort to bring greater visibility into potential network threats and vulnerabilities. He implemented RSA NetWitness (Decoders, Concentrators, and Hybrids).
  • He is familiar with SOC and incident response tools, techniques, and procedures:
      • Bro and NetFlow analysis
      • Suricata (open source IDS)
      • Splunk and implementing apps (e.g., Enterprise Security)
  • The C&A team is responsible for security assessment of various technologies, including but not limited to: Windows Server 2003/2008/2008R2, Ubuntu Linux, RedHat ES5, Windows XP/7, Oracle, MS SQL 2008, IIS, VMware ESXi, all network devices (Cisco ASAs, switches, and routers), and new applications.
  • Frank is also the main point of contact for all network vulnerability scanning and for DISA Security Readiness Review (SRR) scripts and SCAP. The primary tools utilized for this task are eEye Retina, Nessus, and Nmap.
  • Frank designed a scaled-down manual process for checking the security posture of Cisco switches/routers, including checking for:
      • Type 7 passwords
      • EIGRP keys and lifetime status
      • NTP authentication
      • SNMP versioning and community string implementation
      • Proper banner
      • Port security implementation on user switchports
      • SSH version
      • User account limitations
      • TACACS implementation
      • ACL/VLAN implementation
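The checklist above is the kind of review that can be partly automated once a running-config export is in hand. The following Python script is an added example written for this page; it is not part of the original résumé and not a tool the résumé describes. It parses a constructed IOS-style configuration (all hostnames, addresses, and secrets in it are made up) and flags the items the checklist names: Type 7 passwords, local accounts without a hashed secret, EIGRP interfaces without a key chain and keys with an infinite lifetime, NTP servers without authentication, v1/v2c SNMP community strings, a missing banner, access ports without port security, SSH version 1, missing TACACS+, and ACLs that are defined but never applied (or applied but never defined).

```python
import re

# Constructed sample of a Cisco IOS-style configuration (not from a real device).
# It deliberately contains several of the weaknesses the manual checklist covers.
SAMPLE_CONFIG = """\
hostname edge-sw1
enable password 7 094F471A1A0A
username admin password 7 0822455D0A16
username ops secret 5 $1$xyz$placeholderhash
banner motd ^C Authorized use only ^C
ip ssh version 1
snmp-server community public RO
ntp server 10.0.0.5
tacacs-server host 10.0.0.20
aaa authentication login default group tacacs+ local
key chain EIGRP-KEYS
 key 1
  key-string placeholder
  send-lifetime 00:00:00 Jan 1 2013 infinite
interface GigabitEthernet0/1
 switchport mode access
 switchport port-security
interface GigabitEthernet0/2
 switchport mode access
interface Vlan10
 ip authentication mode eigrp 100 md5
interface Vlan20
 ip access-group MGMT-IN in
ip access-list extended MGMT-IN
 permit tcp 10.0.0.0 0.0.0.255 any eq 22
 deny ip any any log
ip access-list extended OLD-FILTER
 permit ip any any
"""


def parse_blocks(config):
    """Split an IOS config into (header, [child lines]) pairs: indented lines
    belong to the most recent unindented header line."""
    blocks = []
    for raw in config.splitlines():
        if not raw.strip():
            continue
        if raw[0].isspace() and blocks:
            blocks[-1][1].append(raw.strip())
        else:
            blocks.append((raw.strip(), []))
    return blocks


def audit(config):
    """Return a list of (check_id, detail) findings for the checklist items."""
    blocks = parse_blocks(config)
    top = [header for header, _ in blocks]
    text = "\n".join(top)
    findings = []
    for line in top:
        if re.search(r"\bpassword 7\b", line):      # Type 7 is reversible encoding
            findings.append(("type7-password", line))
        if line.startswith("username ") and " secret " not in line:
            findings.append(("user-account", line))  # account lacks a hashed secret
        if line.startswith("snmp-server community "):
            findings.append(("snmp-community", line))  # v1/v2c community in clear
    for header, body in blocks:
        if header.startswith("interface "):
            mode = any("ip authentication mode eigrp" in ln for ln in body)
            chain = any("ip authentication key-chain eigrp" in ln for ln in body)
            if mode and not chain:
                findings.append(("eigrp-key-chain", header))
            if "switchport mode access" in body and not any(
                    ln.startswith("switchport port-security") for ln in body):
                findings.append(("port-security", header))
        if header.startswith("key chain ") and any(
                "lifetime" in ln and "infinite" in ln for ln in body):
            findings.append(("eigrp-key-lifetime", header))  # key never expires
    if "ntp server" in text and "ntp authenticate" not in text:
        findings.append(("ntp-authentication", "ntp servers without authentication"))
    if not re.search(r"^banner (motd|login)", text, re.M):
        findings.append(("banner", "no login/motd banner"))
    if "ip ssh version 2" not in text:
        findings.append(("ssh-version", "SSH version 2 not enforced"))
    if "tacacs" not in text:
        findings.append(("tacacs", "no TACACS+ server or AAA method"))
    # ACLs: defined but never applied, or applied but never defined.
    defined = set(re.findall(r"^ip access-list \w+ (\S+)", text, re.M))
    applied = set()
    for _, body in blocks:
        for ln in body:
            m = re.match(r"ip access-group (\S+)", ln)
            if m:
                applied.add(m.group(1))
    findings += [("acl-unused", n) for n in sorted(defined - applied)]
    findings += [("acl-undefined", n) for n in sorted(applied - defined)]
    return findings


if __name__ == "__main__":
    for check, detail in audit(SAMPLE_CONFIG):
        print(f"{check:20s} {detail}")
```

The checks are string-level and intentionally conservative: they report what is absent or weak in the text of the configuration, which is what a manual reviewer does, and leave judgement calls (whether a particular VLAN needs an ACL, whether a Type 7 string protects anything important) to the analyst reading the report.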
  • Frank was instrumental in revamping the process for getting new systems into production. He worked with system and network engineers to implement a secure universal baseline for Windows 7 and Windows Server 2008R2, ensuring that the initial implementation of a system is based on a secured platform and significantly cutting the time systems are required to spend in the testing phase.
  • Frank created the first mobile Security Test and Evaluation (ST&E) platform for the organization. He researched specifications for the hardware/software and procured the software required for testing efforts (e.g., Nmap, Nessus, Retina, Sysinternals, Wireshark, PuTTY, and VMware Workstation with a Linux VM for added flexibility).
  • Frank is familiar with accreditation efforts for special communication packages.
  • The Assured Compliance Assessment Solution (ACAS) system (aka Tenable SecurityCenter) has been mandated as the new vulnerability scanning/management system for DoD, and Frank is the POC for the organization's implementation of the system. Frank procured the beta system (ACAS 4.2) and began testing it in anticipation of the July 2013 directive to have ACAS 4.6 online.

Crest Security Assurance

Confidential

  • As a senior member of the Security Assessment Team (SAT), Frank is tasked to lead vulnerability testing efforts on various technologies in both production and development, including:
      • Network devices (Cisco firewalls, switches, and routers)
      • Operating systems (Windows, Linux (RHEL and Ubuntu), and Solaris)
      • Applications (Oracle, SQL Server, and MySQL)
      • Web testing (IIS, ColdFusion, Apache, Tomcat, and JBoss)
      • VMware ESX/ESXi (vSphere, vCenter, and VMotion)
      • Cross Domain Solutions (OWL technologies with Solaris implementation)
  • As determined by the system, Frank creates certification test plans based on established Security Requirements Traceability Matrix (SRTM) requirements that ensure a thorough test effort while covering all controls outlined by DOJ 2640.2E, DCID 6/3, FISCAM, and NIST 800-53.
  • In addition to manual testing, Frank utilizes various tools to determine the security posture of each system. The following is a list of some of the tools used (not a comprehensive list):
      • Nmap
      • Nessus 3.5/4
      • GFI LANguard
      • WebInspect
      • AppScan
      • Nipper
      • AppDetective
      • Core Impact
      • BackTrack 4
      • Metasploit Framework 3.0
      • SolarWinds network testing tools
      • Netcat
      • Paros web proxy
      • Sysinternals Suite
  • The SAT engaged in various testing efforts ranging from Approval to Test (ATT) testing and Security Impact Assessments to certifications and POA&M validation testing. Each test required a report detailing any significant findings, the ease of exploitation, and the significance to the network if exploited.
  • Frank is an integral part of the peer review process for all Certification Test Reports. This effort ensures that all write-ups are justified and meet FBI/DOJ/NIST criteria, while upholding security best practices.

Crest Security Assurance

Confidential

  • The Federal Reserve Board is a complex agency with many decentralized processes and architectures that span the various divisions. As the primary consultant on the compliance team, Frank has been tasked with projects ranging from unifying various organizational processes (e.g., Account and System Management, Vulnerability Management, and Configuration Management) to creating compliance testing documents for operating systems (Windows), services (DNS), and applications (Oracle).
  • When tasked with facilitating a meeting of agency IT professionals to come up with a baseline of best practices ranging from account management to media utilization, Frank immediately took the lead and convened a tiger team to tackle the task. Frank facilitated discussion, provided meeting minutes, steered the meetings toward a solutions-based environment, and ensured that the ultimate standard put forward was a viable document each group/division could agree upon.
  • As part of the compliance team, Frank's primary mission is to design detailed testing steps for the FISMA/NIST C&A effort for various critical Board components, including:
      • RSA SecurID
      • Cisco
      • Microsoft ISA Server
      • Windows 2003/XP domain controllers, member servers, and stand-alone systems
  • Frank continuously meets with the various system owners to develop the testing documentation for compliance and is currently in the process of finalizing the documentation and coordinating detailed manual and automated testing using various tools established at the Federal Reserve (e.g., BigFix, Qualys, and nCircle's IP360).
  • As a seasoned C&A professional, Frank helped reconfigure the FISMA compliance program at the Federal Reserve Board. He assisted the compliance manager in identifying critical areas of improvement that would ensure efficiency while maintaining a sense of due diligence and attention to detail. Some of the identified areas include:
      • Accreditation boundary
      • Security categorization (FIPS 199)
      • Risk assessment process/reporting
      • Security Test and Evaluation process/reporting
      • System Development Life Cycle pertaining to network infrastructure

Confidential

Senior Associate Information Assurance Engineer

  • Frank is a key member of the Security Test and Evaluation team, performing a range of validation functions. He provides tailored testing and evaluation steps in accordance with NIST SP 800-53A and the system's environment.
  • Frank performs operating system, application, database, and infrastructure security assessments, utilizing Department of State security configuration guidance, automated vulnerability/compliance scanning software (e.g., Lumension PatchLink (aka Harris STAT) and Tenable Nessus), and industry best practice. Frank assesses the following for vulnerabilities:
      • Routers and switches
      • Oracle 9i and 10g in a Windows environment
      • MS SQL
      • Windows 2003 Server
      • Web servers, including IIS 5.0 and 6.0
  • Frank attends system assessment kick-off meetings to add technical expertise and establish the testing timeline.
  • Frank reviews all system documentation to ensure he has a complete understanding of system functionality, interconnections, established unmitigated vulnerabilities, and system stakeholders.
  • Frank conducts system owner, developer, and administrator interviews to ascertain the true security posture of the system as stated in the System Security Plan (SSP). He requests demos, takes screenshots, and procures soft copies of system logs and other viable validation artifacts to ensure the certifying authority and approval authority are presented an accurate picture of the system.
  • Frank works closely with the system stakeholders to mitigate found vulnerabilities or coordinates compensating controls for items that cannot be mitigated. He then creates a Plan of Action and Milestones (POA&M) to present the residual findings to the security analyst. Furthermore, Frank determines risk ratings (High, Moderate, and Low) based on the likelihood and magnitude/impact of each vulnerability.

Defense Security Service (DSS)

Confidential

  • Frank is a vital lead member of the DSS Office of the Chief Information Officer (OCIO) IA surge team required to perform the ST&E tasks critical to both the certification of the DSS enterprise unclassified network and the rollout of the TALON cryptographic device. The TALON device allows the DSS field offices to securely tunnel through the DoD Non-Secure Internet Protocol Routed Network (NIPRNET) to reach the Secure Internet Protocol Routed Network (SIPRNET). Frank deployed to ten (10) of the thirty (30) DSS field offices to complete this task.
  • Frank streamlined the certification process by mapping out an order of operations for system verification/remediation. This task included the following:
      • Waivers and Plan of Action and Milestones (POA&M)
      • Validation scanning and screenshots
      • Vulnerability analysis, mitigation (including false positive list creation for continuity), compensating controls, and downgrading of severity level/risk
      • System administrator engagement
      • Initial vulnerability scanning
  • As part of the ST&E process, Frank utilized the following security assessment tools and methodologies:
      • DoDI 8500.2 controls
      • DISA Enclave, Network, and Multi-Function Device/Printer Security Technical Implementation Guide (STIG) checklists
      • McAfee Hercules (DISA SCRI)
      • HBSS (McAfee ePO server)
      • DISA Gold Disk v2, Tenable Nessus, eEye Retina, Lumension PatchLink (aka Harris STAT), and Nmap
  • Frank was a key technical advisor. He validated and implemented corrective action on numerous Windows security settings, including:
      • MS Office applications
      • McAfee/Symantec registry settings
      • File permissions and auditing
      • Registry settings
      • Internet Explorer settings
      • Account, audit, local, and user settings
  • Frank reviewed the Windows Group Policy against the DISA Security Readiness Review (SRR) Gold Disk Version 2 findings and security best practices, and proposed fix actions to system administrators. Fix actions were implemented and a new image was created for the enterprise.
  • Frank created shares on a Windows 2003 Member Server to add to the SharePoint server, to be utilized as the focal point for all project documentation. This implementation was extremely helpful in organizing the client's data and ensuring deliverables were presented on time.
  • Frank was a problem solver. He found numerous systems that were not communicating with the McAfee ePO server and introduced steps to rectify the issue. Frank uninstalled/reinstalled the ePO package along with the firewall/intrusion detection and anti-virus software on the systems. He then gained access to the ePO server and added the fixed systems to the server. Frank continued to perform analysis to identify missing systems at each DSS site. This effort resulted in 98% ePO coverage by project closure.
  • Frank was instrumental in highlighting deficiencies in numerous operational/security end-point management systems (e.g., WSUS, Active Directory, McAfee products, and SMS). He developed a plan of action to synchronize the systems to gain a clearer view of the network's security posture and meet the requirements outlined in DoDI 8500.2 and the DIACAP Knowledge Service.
  • Frank was the go-to expert for network re-validation efforts. He presented a methodology that would promote accuracy and due diligence. Frank suggested the use of terminal services/remote desktop, which would allow direct access to distant systems at minimum cost to the customer. The IA team could both remediate and collect artifacts for C&A validation efforts. This saved both time and money, as administrators did not have to re-travel to each site.
  • Frank was essential in identifying a critical security threat to the DoD/DSS NIPRNET. He discovered an unauthorized commercial connection attached to the NIPRNET; at once he engaged with the local network administrator and DSS HQ personnel to determine the root cause of the breach. This resulted in the administrator finding a DSL modem connected to the NIPRNET and immediately disconnecting the cable.
  • In addition to the certification task, Frank was essential in ensuring that all DSS field office personnel were trained in the utilization of the TALON card. Frank briefed over eighty (80) DSS personnel at numerous sites on how TALON functions, its capabilities, and maintenance operations.
  • Frank guided network and infrastructure (N&I) team members in system remediation and tool use. Frank trained N&I personnel on how to use scanning tools and navigate the Windows system for fix actions.

Confidential

Continuous Monitoring/Configuration Management Review (CMR) Program

  • Frank is instrumental in the success of the USPTO Continuous Monitoring program. He implemented multiple processes which ensured mission effectiveness. Frank implemented project plans to ensure team members stayed on task. These plans include both dates and deliverables, and are updated on a weekly basis to ensure pseudo-real-time task management and team awareness.
  • Upon assessing the current system environment and the implemented NIST 800-53 security controls for each application, Frank drafted standard assessment language (e.g., risk analysis and mitigation strategies) to present to the client. Furthermore, he helped create templates for the CMR team to present to the client, which included system background information, NIST guidance regarding system changes and reaccreditation requirements, and the accreditation recommendation.
  • Frank epitomizes attention to detail. He ensures that as changes to the system are implemented, the applicable security documentation is updated. These items include System Security Plans (SSP), affected NIST 800-53 controls, risk assessment reports (RAR), security assessment reports (SAR), and Configuration Management Review reports (CMRR). Frank acted as the lead reviewer for the CMR effort.
  • Frank effectively communicated system insecurities and NIST 800-53 control impact to USPTO information security executive staff, system development leads, and government contractors. This ensured that members who disputed any finding were fully aware of the NIST requirement and the level of effort implemented to validate the control on the production system.
  • Frank was a key member of the Certification and Accreditation Control Group (CACG). This executive-level working group is chartered to ensure all USPTO government contractors who process, store, or transmit USPTO data meet OMB/FISMA Certification and Accreditation (C&A) requirements.
  • In an effort to determine contractor C&A requirements (if it was stated that their local LAN did not process, store, or transmit USPTO data), Frank designed a detailed process for the CACG Independent Verification and Validation (IV&V) team to perform an exhaustive search for known USPTO data files that may reside on contractors' systems. This search included two parts: the first, a simple Microsoft search function, which included both a file/folder search and an in-file search for designated text; the second, a root-level dump using the command prompt and the dir command piped to the find command.
  • Frank performed flawlessly as a CACG IV&V team member. He vigorously reviewed more than 75 controls for five contractor networks and found numerous NIST requirements that were not met. Frank presented guidance/feedback to contractors for each control, thus maintaining the security posture required for each system (e.g., Moderate system) and ensuring controls were assessed IAW NIST 800-53A.

Confidential

Certification and Accreditation effort

  • Frank managed six CONUS and OCONUS site (Korea, Kuwait, Seattle, San Diego, Guam, and Susquehanna) DIACAP C&A programs. He deployed to each site to perform security assessment tasks. He effectively guided each site through the network certification effort. He performed the following tasks and ensured all deliverables were completed and presented to the customer as required:
      • Executive briefings (e.g., in/out-briefings and task resource requirements)
      • Self-assessment procedures
      • System administrator interviews and system/documentation examinations in accordance with DIACAP Knowledge Service methodologies
      • Perform security testing for IA control verification/validation
      • Artifact gathering for validation
      • Network scanning utilizing DISA Gold Disk SRR and eEye Retina
      • Evaluating physical security implementations (e.g., physical IDS, fire detection/suppression, door locks, and windows)
      • Create/manage Plan of Action and Milestones (POA&Ms)
      • Update all applicable C&A documentation (e.g., SSAA, wireless compliance, and ST&E IA controls)
  • Frank was instrumental in facilitating the implementation of proposed mitigation strategies at DDC. His in-depth knowledge of the DDC network, coupled with his wide-ranging information technology comprehension, ensured viable solutions were implemented. Furthermore, Frank helped produce a vulnerability exception list for DAA approval, which highlighted compensating controls that minimized vulnerability risk.
  • Frank implemented/verified DISA Security Technical Implementation Guide (STIG) compliance by administering the DISA Gold Disk and determining false positives, exceptions, and mitigation strategies by evaluating Microsoft Group Policies and Security Readiness Review reports for both servers and clients.
  • In an effort to meet the requirements of the DISA wireless STIG, Frank created the DDC Mobile Device User Agreement policy. This policy ensured that users acknowledged their responsibilities when using a government-purchased portable device (laptops, BlackBerrys, etc.).

Confidential

Oracle Database Administrator (DBA)

  • Frank was part of the Oracle team at the Joint Staff Support Center responsible for critical 33,000-user DoD databases and the Joint Operation Planning and Execution System (JOPES) application. He ensured system uptime, health, and multiple-enclave data management. Additionally, Frank ensured critical database backups (redo/full) were consistently run to maintain data availability in the event of failure or contingency.
  • Frank was tasked to manage/monitor database objects through both Oracle Enterprise Manager (OEM) and the SQL*Plus command line. He ensured all database tablespaces maintained an adequate level for application queries. If a query exceeded database memory requirements, Frank investigated the process in both Oracle and Solaris, then killed the process/query and notified the user of the hung process.
  • Frank created over three hundred (300) accounts for new JOPES application users. He managed user lockouts and access roles.
  • Frank maintained a working knowledge of SQL, PL/SQL, and Unix shell scripting, which allowed him to create vital reports for system health and operation. Frank created a system report that showed tablespace size, backup successes/failures, current/inactive users, etc.

Confidential

Independent Consultant

Frank was employed to update the existing IT continuity of operations plan (COOP) template for the Defense Distribution Center (DDC) enterprise SSAA. He utilized NIST SP 800-34, 800-53, OMB A-130, and DoD 8500.2 to revamp the DDC COOP. Frank researched the NIST contingency planning control family (CP-X) alongside the DoD 8500.2 continuity subject area (COXX-1) based on established network criticality/sensitivity levels. He engaged with both DDC contractors and executives to ensure all expectations and requirements were met. Frank completed the document according to customer requirements, and the deliverable was submitted early.

Confidential

Information Systems Security Manager (ISSM)

  • Frank was tasked to revitalize the ISSM and C&A programs at Altus Air Force Base (AFB). He assessed the current security budget and procured additional funds to ensure that training, media, and IA tools were purchased and annually maintained. The media included brochures, flyers, and posters, while IA tools such as a magnetic media degausser were purchased.
  • Frank was a key member of the plans and programs new network technology evaluation process. He reviewed each proposed requirement and ensured that all items requiring network access presented a viable solution and that all C&A requirements were met in accordance with both DoD and AF Communications Agency (AFCA) requirements (e.g., Certificate of Networthiness and Type Accreditation). Additionally, Frank assisted in creating the network security policy and created the mobile user agreement policy for Altus AFB.
  • As the C&A project team lead, Frank was instrumental in ensuring that the Altus AFB first consolidated enterprise network certification obtained an Approval to Operate (ATO). The effort consolidated over 6,000 network devices into one SSAA. Frank analyzed Information Assurance and C&A requirements utilizing AFI 33-202 and DoD 8500 series documentation (e.g., 8510.1-M DITSCAP, DoDI 8500.1, and 8500.2 DIACAP). He performed Security Test and Evaluation (ST&E)/Residual Risk Assessment processes during system certification and created/updated applicable documentation (e.g., SSAA and SFUG).
  • Frank was constantly vigilant of the network's security posture. He assessed Microsoft SMS and ISS scan reports for server/workstation vulnerabilities (e.g., IAVAs and/or AF TCNOs) daily and facilitated corrective action on deficient items, ensuring Altus AFB stayed on track with DoD's IAVM program.
  • Frank operated as base lead on incident response. He worked closely with system administrators on threat analysis and reporting to the Air Force CERT (known as AF CND).
  • As the ISS training manager, Frank revived the ISS program. He assessed program requirements (both Air Force and Air Education and Training Command (AETC)) and tailored the program in accordance with the requirements. Frank held annual training events, which ensured that all ISSOs were trained in their roles/responsibilities and made aware of new requirements. Additionally, he conducted one-on-one training sessions for newly assigned personnel.
  • Frank conducted staff assistance visits (SAVs), where he inspected each unit's ISS security program and quizzed users on security-related knowledge (e.g., what to do if a virus is detected). Frank then submitted a report highlighting deficiencies, observations, and lauded security practices to each unit commander.
  • Frank served as the Altus AFB focal point for tracking/reporting user compliance with the annual Information Assurance Awareness Training requirement. He tasked all unit ISSOs to ensure user compliance and ensured all network users and training dates were entered into a spreadsheet and then submitted to the Major Command. This effort culminated in Altus AFB maintaining a 98% compliance status, well above the command standard of 90%.

Confidential

Centralized Network Control Center Shift Supervisor

  • Frank directly supervised twenty shift personnel while coordinating all command, control, and communications (C3) efforts. He processed flash and other high-precedence messages for dissemination through the Air Force High Frequency (HF) radio network. Additionally, he relayed and processed reconnaissance HF broadcasts, and configured antennas, radios, modems, and KG-84 cryptographic systems through digital patch panels for Air-Ground-Air secure data mission requirements.
  • Frank also accomplished traffic analysis to track system usage and customer base.
  • Frank performed a daily inventory of all Communications Security (COMSEC) equipment and materials, and briefed executives on current HF radio operations mission requirements, support, and outages.
